<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<!DOCTYPE html>
<html>
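<head>
  <%-- The page directive already sets charset=UTF-8 on the Content-Type response header;
       repeating it in the markup means the browser never has to guess the encoding. --%>
  <meta charset="utf-8">
  <title>用户列表</title>
  <link rel="stylesheet" href="${pageContext.request.contextPath}/css/style.css">
</head>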
<body>
<%@ include file="../header.jsp" %>
<div class="container">
  <h2>用户列表</h2>
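  <%-- Search box for the user list. Notes are JSP comments so they are dropped at translation
       time and implementation remarks are not sent to the browser. --%>
  <div class="search-container">
    <%-- Submitted with POST; the hidden "action" field selects the search branch on the server. --%>
    <form action="${pageContext.request.contextPath}/managementUsers" method="post">
      <input type="hidden" name="action" value="search">
      <%-- The previous keyword is echoed back into the field. fn:escapeXml encodes < > & ' and ",
           which is sufficient only while the value attribute stays quoted. Keep the quotes.
           aria-label gives the field an accessible name; a placeholder alone is not a label. --%>
      <input type="text" name="keyword" placeholder="搜索用户名或姓名" aria-label="搜索用户名或姓名"
             value="${fn:escapeXml(keyword)}">
      <button type="submit">搜索</button>
    </form>
  </div>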
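  <%-- NOTE(review): this links straight to a JSP, so no servlet code runs before the view.
       Confirm that an authentication/authorization filter covers /jsp/* (not visible from this page). --%>
  <a href="${pageContext.request.contextPath}/jsp/managementUser/add.jsp" class="add-btn">添加用户</a>
  <%-- User list table: one row per element of the "users" collection (presumably a request
       attribute set by the managementUsers servlet; confirm against the controller).
       EL written directly in template text is NOT HTML-escaped, so every stored field is passed
       through fn:escapeXml before it is rendered. Without it, markup saved in a username, name or
       contact field would be interpreted by the browser of whoever opens this list (stored XSS). --%>
  <table class="user-table">
    <thead>
    <tr>
      <th scope="col">ID</th>
      <th scope="col">用户名</th>
      <th scope="col">姓名</th>
      <th scope="col">部门ID</th>
      <th scope="col">联系方式</th>
      <th scope="col">创建时间</th>
      <th scope="col">操作</th>
    </tr>
    </thead>
    <tbody>
    <c:forEach items="${users}" var="user">
      <tr>
        <td>${fn:escapeXml(user.managementId)}</td>
        <td>${fn:escapeXml(user.username)}</td>
        <td>${fn:escapeXml(user.name)}</td>
        <td>${fn:escapeXml(user.departmentId)}</td>
        <td>${fn:escapeXml(user.contactInfo)}</td>
        <td>${fn:escapeXml(user.createTime)}</td>
        <td>
          <%-- Row actions use the same context-path-qualified servlet URL as the search form, so
               they resolve identically whichever URL rendered this page. The id is escaped for
               the attribute context and "&" is written as "&amp;".
               Assumes managementId is numeric; if it can contain arbitrary text it also needs
               URL-encoding (TODO confirm against the model class). --%>
          <a href="${pageContext.request.contextPath}/managementUsers?action=edit&amp;id=${fn:escapeXml(user.managementId)}">编辑</a>
          <%-- NOTE(review): delete is a state-changing action issued by a plain GET link. The
               confirm() prompt runs only in the browser and is not a server-side control, and
               nothing on this page shows an anti-CSRF token. Once the servlet accepts delete over
               POST, replace this link with a small POST form that carries the application's CSRF
               token, and keep the server-side authorization check on the delete branch. --%>
          <a href="${pageContext.request.contextPath}/managementUsers?action=delete&amp;id=${fn:escapeXml(user.managementId)}" onclick="return confirm('确定要删除吗?')">删除</a>
        </td>
      </tr>
    </c:forEach>
    </tbody>
  </table>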
</div>
</body>
</html>